anti filtering
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 1424
Sax Filter 1.4
Sax Filter is a modular set of filters that can be used to process XML documents via Javas SAX support. more>>
Sax Filter is a modular set of filters that can be used to process XML documents via Javas SAX support.
Currently, the filters only process content (the ContentHandler interface).
<<lessCurrently, the filters only process content (the ContentHandler interface).
Download (0.048MB)
Added: 2006-12-24 License: GPL (GNU General Public License) Price:
1035 downloads
Compact Filter 0.3
Compact Filter is a network packet filter for Linux. more>>
Compact Filter is a network packet filter for Linux. It features an easy-to-use compact filter representation and high performance.
The main features are: easy to use interface, compact filter representation (memory efficient), and very high performance.
A difference between CF and other firewalls, such as Netfilter, is its representation of the ruleset. In CF the user writes a filter which is then compiled and optimized in user-space. The optimized filter is then loaded into the kernel (using netlink). Consequently the in kernel packet filtering code only needs funtionality for setting up a filter and filtering packets, while the more complex code of optimizing the filter remains in user-space.
Because of the continuous increase of the bandwidth and the security threats, firewalls have to evolve towards more efficient filtering schemes. The truth is that the existing scheme does not scale so well with the combined growth of bandwidth and rulesets.
Our aim is to try another approach to perform packet filtering where we minimize the complexity of the filtering process. This result in, both, a reduction of the required CPU power to filter packets and a simpler (and smaller) kernel code. Of course, we are pushing all the smart and complex part out to the user-space, but, developing in user-space is much simpler and safer.
Enhancements:
- changed -d option to delete all filters
- added -D option to delete a specific filter
- changed default policy to permit rather than deny
- added -l option on flex to support --yylineno on older versions of flex
- new and improved install guide
<<lessThe main features are: easy to use interface, compact filter representation (memory efficient), and very high performance.
A difference between CF and other firewalls, such as Netfilter, is its representation of the ruleset. In CF the user writes a filter which is then compiled and optimized in user-space. The optimized filter is then loaded into the kernel (using netlink). Consequently the in kernel packet filtering code only needs funtionality for setting up a filter and filtering packets, while the more complex code of optimizing the filter remains in user-space.
Because of the continuous increase of the bandwidth and the security threats, firewalls have to evolve towards more efficient filtering schemes. The truth is that the existing scheme does not scale so well with the combined growth of bandwidth and rulesets.
Our aim is to try another approach to perform packet filtering where we minimize the complexity of the filtering process. This result in, both, a reduction of the required CPU power to filter packets and a simpler (and smaller) kernel code. Of course, we are pushing all the smart and complex part out to the user-space, but, developing in user-space is much simpler and safer.
Enhancements:
- changed -d option to delete all filters
- added -D option to delete a specific filter
- changed default policy to permit rather than deny
- added -l option on flex to support --yylineno on older versions of flex
- new and improved install guide
Download (0.092MB)
Added: 2006-06-30 License: GPL (GNU General Public License) Price:
1211 downloads
Packet filtering setup script
Packet filtering setup script by Anthony C. Zboralski. more>>
Packet filtering setup script by Anthony C. Zboralski. Adapted by Didi Damian for iptables version 1.0.0
Sample:
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Set up variables
EXT_IF="eth0"
INT_IF="eth1"
EXT_IP=24.x.x.x/32
INT_IP=192.168.0.1/32
EXT_NET=24.x.x.0/24
INT_NET=192.168.0.0/24
MASQ_NETS="192.168.0.0/24"
LOCAL_ADDRS="127.0.0.0/8 192.168.0.1/32 24.x.x.x/32"
MAIL_RELAY=24.x.x.x/32
SMB_ACCESS="192.168.0.2/32"
SMB_BCAST="192.168.0.255/32"
# Turn on IP forwarding
echo Turning on IP forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Load the ip_tables module
echo Loading ip_tables module.
/sbin/modprobe ip_tables || exit 1
# I let the kernel dynamically load the other modules
echo Flush standard tables.
iptables --flush INPUT
iptables --flush OUTPUT
iptables --flush FORWARD
echo Deny everything until firewall setup is completed.
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP
CHAINS=`iptables -n -L |perl -n -e /Chains+(S+)/ && !($1 =~ /^(INPUT|FORWARD|OUTPUT)$/) && print "$1 "`
echo Remove remaining chains:
echo $CHAINS
for chain in $CHAINS; do
iptables --flush $chain
done
# 2nd step cause of dependencies
for chain in $CHAINS; do
iptables --delete-chain $chain
done
for net in $MASQ_NETS; do
# I delete all the rules so you can rerun the scripts without bloating
# your nat entries.
iptables -D POSTROUTING -t nat -s $MASQ_NETS -j MASQUERADE 2>/dev/null
iptables -A POSTROUTING -t nat -s $MASQ_NETS -j MASQUERADE || exit 1
done
iptables --policy FORWARD ACCEPT
# Create a target for logging and dropping packets
iptables --new LDROP 2>/dev/null
iptables -A LDROP --proto tcp -j LOG --log-level info
--log-prefix "TCP Drop "
iptables -A LDROP --proto udp -j LOG --log-level info
--log-prefix "UDP Drop "
iptables -A LDROP --proto icmp -j LOG --log-level info
--log-prefix "ICMP Drop "
iptables -A LDROP --proto gre -j LOG --log-level info
--log-prefix "GRE Drop "
iptables -A LDROP -f -j LOG --log-level emerg
--log-prefix "FRAG Drop "
iptables -A LDROP -j DROP
# Create a table for watching some accepting rules
iptables --new WATCH 2>/dev/null
iptables -A WATCH -m limit -j LOG --log-level warn --log-prefix "ACCEPT "
iptables -A WATCH -j ACCEPT
echo Special target for local addresses:
iptables --new LOCAL 2>/dev/null
echo $LOCAL_ADDRS
for ip in $LOCAL_ADDRS; do
iptables -A INPUT --dst $ip -j LOCAL
# iptables -A INPUT --src $ip -i ! lo -j LDROP # lame spoof protect
done
echo Authorize mail from mail relay.
iptables -A LOCAL --proto tcp --syn --src $MAIL_RELAY --dst $EXT_IP --dport 25 -j ACCEPT
echo Authorizing samba access to:
echo $SMB_ACCESS
iptables --new SMB 2>/dev/null
for ip in $SMB_ACCESS; do
iptables -A SMB -s $ip -j ACCEPT
done
iptables -A LOCAL --proto udp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 445 -j SMB
iptables -A INPUT -i ! $EXT_IF --dst $SMB_BCAST -j ACCEPT #lame samba broadcast
echo Drop and log every other incoming tcp connection attempts.
iptables -A LOCAL -i ! lo --proto tcp --syn --j LDROP
echo Authorize dns access for local nets.
for net in $MASQ_NETS 127.0.0.0/8; do
iptables -A INPUT --proto udp --src $net --dport 53 -j ACCEPT
done
echo Enforcing up ICMP policies, use iptables -L ICMP to check.
# If you deny all ICMP messages you head for trouble since it would
# break lots of tcp/ip algorythm (acz)
iptables --new ICMP 2>/dev/null
iptables -A INPUT --proto icmp -j ICMP
iptables -A ICMP -p icmp --icmp-type echo-reply -j ACCEPT
iptables -A ICMP -p icmp --icmp-type destination-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type protocol-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type port-unreachable -j ACCEPT
iptables -A ICMP -p icmp --icmp-type fragmentation-needed -j LDROP
iptables -A ICMP -p icmp --icmp-type source-route-failed -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type network-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type communication-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-precedence-violation -j LDROP
iptables -A ICMP -p icmp --icmp-type precedence-cutoff -j LDROP
iptables -A ICMP -p icmp --icmp-type source-quench -j LDROP
iptables -A ICMP -p icmp --icmp-type redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type echo-request -j WATCH
iptables -A ICMP -p icmp --icmp-type router-advertisement -j LDROP
iptables -A ICMP -p icmp --icmp-type router-solicitation -j LDROP
iptables -A ICMP -p icmp --icmp-type time-exceeded -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-transit -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-reassembly -j WATCH
iptables -A ICMP -p icmp --icmp-type parameter-problem -j WATCH
iptables -A ICMP -p icmp --icmp-type ip-header-bad -j WATCH
iptables -A ICMP -p icmp --icmp-type required-option-missing -j WATCH
iptables -A ICMP -p icmp --icmp-type timestamp-request -j LDROP
iptables -A ICMP -p icmp --icmp-type timestamp-reply -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-request -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-reply -j LDROP
iptables -A ICMP -p icmp -j LDROP
echo Authorize tcp traffic.
iptables -A INPUT --proto tcp -j ACCEPT
echo Authorize packet output.
iptables --policy OUTPUT ACCEPT
#echo reject ident if you drop em you gotta wait for timeout
#iptables -I LOCAL --proto tcp --syn --dst $EXT_IP --dport 113 -j REJECT
echo Drop and log all udp below 1024.
iptables -A INPUT -i ! lo --proto udp --dport :1023 -j LDROP
echo Drop rpc dynamic udp port:
RPC_UDP=`rpcinfo -p localhost|perl -n -e /.*udps+(d+)s+/ && print $1,"n"|sort -u`
echo $RPC_UDP
for port in $RPC_UDP; do
iptables -A LOCAL -i ! lo --proto udp --dport $port -j LDROP
done
echo Authorize udp above 1024.
iptables -A INPUT --proto udp --dport 1024: -j ACCEPT
<<lessSample:
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Set up variables
EXT_IF="eth0"
INT_IF="eth1"
EXT_IP=24.x.x.x/32
INT_IP=192.168.0.1/32
EXT_NET=24.x.x.0/24
INT_NET=192.168.0.0/24
MASQ_NETS="192.168.0.0/24"
LOCAL_ADDRS="127.0.0.0/8 192.168.0.1/32 24.x.x.x/32"
MAIL_RELAY=24.x.x.x/32
SMB_ACCESS="192.168.0.2/32"
SMB_BCAST="192.168.0.255/32"
# Turn on IP forwarding
echo Turning on IP forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Load the ip_tables module
echo Loading ip_tables module.
/sbin/modprobe ip_tables || exit 1
# I let the kernel dynamically load the other modules
echo Flush standard tables.
iptables --flush INPUT
iptables --flush OUTPUT
iptables --flush FORWARD
echo Deny everything until firewall setup is completed.
iptables --policy INPUT DROP
iptables --policy OUTPUT DROP
iptables --policy FORWARD DROP
CHAINS=`iptables -n -L |perl -n -e /Chains+(S+)/ && !($1 =~ /^(INPUT|FORWARD|OUTPUT)$/) && print "$1 "`
echo Remove remaining chains:
echo $CHAINS
for chain in $CHAINS; do
iptables --flush $chain
done
# 2nd step cause of dependencies
for chain in $CHAINS; do
iptables --delete-chain $chain
done
for net in $MASQ_NETS; do
# I delete all the rules so you can rerun the scripts without bloating
# your nat entries.
iptables -D POSTROUTING -t nat -s $MASQ_NETS -j MASQUERADE 2>/dev/null
iptables -A POSTROUTING -t nat -s $MASQ_NETS -j MASQUERADE || exit 1
done
iptables --policy FORWARD ACCEPT
# Create a target for logging and dropping packets
iptables --new LDROP 2>/dev/null
iptables -A LDROP --proto tcp -j LOG --log-level info
--log-prefix "TCP Drop "
iptables -A LDROP --proto udp -j LOG --log-level info
--log-prefix "UDP Drop "
iptables -A LDROP --proto icmp -j LOG --log-level info
--log-prefix "ICMP Drop "
iptables -A LDROP --proto gre -j LOG --log-level info
--log-prefix "GRE Drop "
iptables -A LDROP -f -j LOG --log-level emerg
--log-prefix "FRAG Drop "
iptables -A LDROP -j DROP
# Create a table for watching some accepting rules
iptables --new WATCH 2>/dev/null
iptables -A WATCH -m limit -j LOG --log-level warn --log-prefix "ACCEPT "
iptables -A WATCH -j ACCEPT
echo Special target for local addresses:
iptables --new LOCAL 2>/dev/null
echo $LOCAL_ADDRS
for ip in $LOCAL_ADDRS; do
iptables -A INPUT --dst $ip -j LOCAL
# iptables -A INPUT --src $ip -i ! lo -j LDROP # lame spoof protect
done
echo Authorize mail from mail relay.
iptables -A LOCAL --proto tcp --syn --src $MAIL_RELAY --dst $EXT_IP --dport 25 -j ACCEPT
echo Authorizing samba access to:
echo $SMB_ACCESS
iptables --new SMB 2>/dev/null
for ip in $SMB_ACCESS; do
iptables -A SMB -s $ip -j ACCEPT
done
iptables -A LOCAL --proto udp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 135:139 -j SMB
iptables -A LOCAL --proto tcp -i ! $EXT_IF --dport 445 -j SMB
iptables -A INPUT -i ! $EXT_IF --dst $SMB_BCAST -j ACCEPT #lame samba broadcast
echo Drop and log every other incoming tcp connection attempts.
iptables -A LOCAL -i ! lo --proto tcp --syn --j LDROP
echo Authorize dns access for local nets.
for net in $MASQ_NETS 127.0.0.0/8; do
iptables -A INPUT --proto udp --src $net --dport 53 -j ACCEPT
done
echo Enforcing up ICMP policies, use iptables -L ICMP to check.
# If you deny all ICMP messages you head for trouble since it would
# break lots of tcp/ip algorythm (acz)
iptables --new ICMP 2>/dev/null
iptables -A INPUT --proto icmp -j ICMP
iptables -A ICMP -p icmp --icmp-type echo-reply -j ACCEPT
iptables -A ICMP -p icmp --icmp-type destination-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type protocol-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type port-unreachable -j ACCEPT
iptables -A ICMP -p icmp --icmp-type fragmentation-needed -j LDROP
iptables -A ICMP -p icmp --icmp-type source-route-failed -j WATCH
iptables -A ICMP -p icmp --icmp-type network-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type host-unknown -j WATCH
iptables -A ICMP -p icmp --icmp-type network-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-network-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type TOS-host-unreachable -j WATCH
iptables -A ICMP -p icmp --icmp-type communication-prohibited -j WATCH
iptables -A ICMP -p icmp --icmp-type host-precedence-violation -j LDROP
iptables -A ICMP -p icmp --icmp-type precedence-cutoff -j LDROP
iptables -A ICMP -p icmp --icmp-type source-quench -j LDROP
iptables -A ICMP -p icmp --icmp-type redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-network-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type TOS-host-redirect -j LDROP
iptables -A ICMP -p icmp --icmp-type echo-request -j WATCH
iptables -A ICMP -p icmp --icmp-type router-advertisement -j LDROP
iptables -A ICMP -p icmp --icmp-type router-solicitation -j LDROP
iptables -A ICMP -p icmp --icmp-type time-exceeded -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-transit -j WATCH
iptables -A ICMP -p icmp --icmp-type ttl-zero-during-reassembly -j WATCH
iptables -A ICMP -p icmp --icmp-type parameter-problem -j WATCH
iptables -A ICMP -p icmp --icmp-type ip-header-bad -j WATCH
iptables -A ICMP -p icmp --icmp-type required-option-missing -j WATCH
iptables -A ICMP -p icmp --icmp-type timestamp-request -j LDROP
iptables -A ICMP -p icmp --icmp-type timestamp-reply -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-request -j LDROP
iptables -A ICMP -p icmp --icmp-type address-mask-reply -j LDROP
iptables -A ICMP -p icmp -j LDROP
echo Authorize tcp traffic.
iptables -A INPUT --proto tcp -j ACCEPT
echo Authorize packet output.
iptables --policy OUTPUT ACCEPT
#echo reject ident if you drop em you gotta wait for timeout
#iptables -I LOCAL --proto tcp --syn --dst $EXT_IP --dport 113 -j REJECT
echo Drop and log all udp below 1024.
iptables -A INPUT -i ! lo --proto udp --dport :1023 -j LDROP
echo Drop rpc dynamic udp port:
RPC_UDP=`rpcinfo -p localhost|perl -n -e /.*udps+(d+)s+/ && print $1,"n"|sort -u`
echo $RPC_UDP
for port in $RPC_UDP; do
iptables -A LOCAL -i ! lo --proto udp --dport $port -j LDROP
done
echo Authorize udp above 1024.
iptables -A INPUT --proto udp --dport 1024: -j ACCEPT
Download (MB)
Added: 2007-02-14 License: GPL (GNU General Public License) Price:
984 downloads
FIR Filter Plugin 1.0.0
The FIR filter Plugin is an effect plugin for XMMS which enables to filter audio data using long FIR filters. more>>
FIR filter Plugin is an effect plugin for XMMS which enables to filter audio data using long FIR (finite impulse response) filters. Typical applications is loudspeaker or room equalization which typically requires filters with more than 300 taps (filter weights).
The FIR filter plugin uses the fftw3 library to perform the filtering using the overlap-and-add method. If fftw3 is not available the plugin will perform the filtering (convolution) in the time-domain which is much less efficient for long filters.
<<lessThe FIR filter plugin uses the fftw3 library to perform the filtering using the overlap-and-add method. If fftw3 is not available the plugin will perform the filtering (convolution) in the time-domain which is much less efficient for long filters.
Download (0.20MB)
Added: 2006-04-05 License: GPL (GNU General Public License) Price:
1299 downloads
SMC anti-spam milter 1.7
SMC anti-spam milter is an Sendmail plugin, that is designed to significantly reduce the amount of junk email you receive. more>>
SMC non-context E-mail filter - is an software application designed to significantly reduce the amount of SPAM/UCE (junk-mail) you receive. SMC uses a dynamic local and DNS based remote "whitelists" (for known/trusted senders), DNS based "blacklists" (for undesired senders), and an original "autoauthentication" system (for unknown, but legitimate senders).
In additional SMC has a set of useful features which allows to preserve mail recipients from dangerous message attachments, HTML includes. SMC is an Sendmail milter (plugin), which stops the junk-mail without receiving one.
SMC uses 3 original algorithms, one of which is "Check relay by NS" simulates a dynamical whitelist and will always accept the messages from mail systems satisfying to following conditions:
1. Mail domain name (the host part of the senders e-mail address) must have an MX records;
2. Mail domain name and the connection host address must be resolved;
3. Connection host must be listed at the one of nameservers which hold the senders mail domain name.
The second from the developed algorithms is a "check delays" algorithm which is based on statistical check of delivery delays, generated by a [tempfail] return code, that allows to exclude a direct receiving of a mail, which not passed through the standard mail server.
NOTE: Using this feature the delivery of the mail from unknown, but legitimate senders will be delayed for a count of 10-minutes checks, which setted by the "maxcount" configuration parameter.
And the third of original algorithms is "auto-authentication" algorithm: The sender of a "mail contact" (sender-recipient pair) means as authenticated (whitelisted) if the filters statistics module has registered the both of a sended forward (request) and a recieved backward (reply) messages of this contact. The messages from the such authenticated senders will never be delayed by the previous "check delay" algorithm.
Enhancements:
- CLOSE_WAIT problems have been solved (a critical bug).
- There is a critical bugfix to prevent DNS storms.
- All of the resolver functions use the local resolver context.
- Automake and autoconf support have been added.
<<lessIn additional SMC has a set of useful features which allows to preserve mail recipients from dangerous message attachments, HTML includes. SMC is an Sendmail milter (plugin), which stops the junk-mail without receiving one.
SMC uses 3 original algorithms, one of which is "Check relay by NS" simulates a dynamical whitelist and will always accept the messages from mail systems satisfying to following conditions:
1. Mail domain name (the host part of the senders e-mail address) must have an MX records;
2. Mail domain name and the connection host address must be resolved;
3. Connection host must be listed at the one of nameservers which hold the senders mail domain name.
The second from the developed algorithms is a "check delays" algorithm which is based on statistical check of delivery delays, generated by a [tempfail] return code, that allows to exclude a direct receiving of a mail, which not passed through the standard mail server.
NOTE: Using this feature the delivery of the mail from unknown, but legitimate senders will be delayed for a count of 10-minutes checks, which setted by the "maxcount" configuration parameter.
And the third of original algorithms is "auto-authentication" algorithm: The sender of a "mail contact" (sender-recipient pair) means as authenticated (whitelisted) if the filters statistics module has registered the both of a sended forward (request) and a recieved backward (reply) messages of this contact. The messages from the such authenticated senders will never be delayed by the previous "check delay" algorithm.
Enhancements:
- CLOSE_WAIT problems have been solved (a critical bug).
- There is a critical bugfix to prevent DNS storms.
- All of the resolver functions use the local resolver context.
- Automake and autoconf support have been added.
Download (0.096MB)
Added: 2005-07-30 License: GPL (GNU General Public License) Price:
1551 downloads
Constrictor Mail Filter 0.3
Constrictor is a Python module for parsing, filtering, and delivering mail as a mail delivery agent (like Procmail). more>>
Constrictor is a Python module for parsing, filtering, and delivering mail as a Mail Delivery Agent (like Procmail). Constrictor provides the functionality to easily write a MDA in Python rather than reading some configuration file of its own syntax.
This has the advantages that configurations are readable and self-explanatory (at least, to anyone who knows Python) and that users have the full flexibility of the Python language at their disposal. Constrictor has the ability to deliver to maildir and Unix mbox format mailboxes, as well as bounce, forward, or reject messages.
Constrictor is currently beta software, at best. Im always very leery of software that messes with my mail, since one runs the risk of not only losing messages but, potentially, bouncing mail to great embarassment and chagrin. That said, I am currently using Constrictor on my own mailbox full-time, but, as always, your mileage may vary.
Installation
Constrictor is a single Python module that should be placed either in the directory you intend to invoke your MDA from, or in your Python library directory. The only non-standard module it relies on is the spamd module from the SpamAssassin distribution (available at http://spamassassin.apache.org/full/2.6x/dist/contrib/spamd.py), and only then if you intend to use the "spamassassin()" function to filter your mail (the module is loaded only when that function is called). Constrictor should work on all versions of Python greater than 2.3; it has been tested primarily on 2.3.4, 2.3.5, 2.4.1.
The spamassassin() function connects to a (optionally specified) spamd server (it defaults to localhost). If you do not have a spamd server, you cannot use this function.
For Postfix and Sendmail, edit your ~/.forward to include "|/path/to/filter.py". For more information on invoking this script as an MDA,see your MTAs manual or ask your administrator.
Enhancements:
- This release adds locking code to duplicate database (pickle file used to recognize duplicate messages) access.
- This release contains no known stability or delivery reliability issues, and thus is considered stable.
<<lessThis has the advantages that configurations are readable and self-explanatory (at least, to anyone who knows Python) and that users have the full flexibility of the Python language at their disposal. Constrictor has the ability to deliver to maildir and Unix mbox format mailboxes, as well as bounce, forward, or reject messages.
Constrictor is currently beta software, at best. Im always very leery of software that messes with my mail, since one runs the risk of not only losing messages but, potentially, bouncing mail to great embarassment and chagrin. That said, I am currently using Constrictor on my own mailbox full-time, but, as always, your mileage may vary.
Installation
Constrictor is a single Python module that should be placed either in the directory you intend to invoke your MDA from, or in your Python library directory. The only non-standard module it relies on is the spamd module from the SpamAssassin distribution (available at http://spamassassin.apache.org/full/2.6x/dist/contrib/spamd.py), and only then if you intend to use the "spamassassin()" function to filter your mail (the module is loaded only when that function is called). Constrictor should work on all versions of Python greater than 2.3; it has been tested primarily on 2.3.4, 2.3.5, 2.4.1.
The spamassassin() function connects to a (optionally specified) spamd server (it defaults to localhost). If you do not have a spamd server, you cannot use this function.
For Postfix and Sendmail, edit your ~/.forward to include "|/path/to/filter.py". For more information on invoking this script as an MDA,see your MTAs manual or ask your administrator.
Enhancements:
- This release adds locking code to duplicate database (pickle file used to recognize duplicate messages) access.
- This release contains no known stability or delivery reliability issues, and thus is considered stable.
Download (0.010MB)
Added: 2005-11-28 License: BSD License Price:
1425 downloads
squid-filter 0.9
squid-filter project was designed to build filtering capabilities comparable to those of Muffin into Squid. more>>
squid-filter project was designed to build filtering capabilities comparable to those of Muffin into Squid. It consists of
a patch to Squid, containing a module loader and filtering hooks, and a set of filter modules.
Currently available filters:
- Redirection of URIs.
- Rejection of certain (configurable) MIME content types.
- Suppression of cookies.
- Removal of Javascript and ActiveX.
- Breaking of GIF animation loops.
- Detection of 1x1 images.
Main features:
- Modular, easily extensible by writing new filters.
- Flexible configuration. Filters are independent from each other.
- Each filter can take a list of URIs which should not be filtered (allow list). URIs are specified as full regular expressions.
- Client can choose to bypass filters case-by-case.
- Filtering keeps Content-Length where possible.
Purpose
A filtering proxy allows users to remove unwanted stuff from Web pages as they browse them. What "unwanted stuff" is obviously depends on the individual user, but things which are commonly regarded as annoyances include
banner ads, user behaviour tracking via cookies,
animated pictures, JavaScript, VBScript, ActiveX (dangerous as well as annoying).
Some of those things can be avoided by filtering URIs, which Squid can already do via an external redirect program. Others require a content filter.
Usually, a filtering proxy runs standalone and does nothing but filtering. Users have to configure this proxy in their browsers, and if they use a caching proxy too, chain them after the filter. In situations where the user runs Squid anyway (mostly because of caching for different browsers or a small LAN), it is convenient to build this capability into Squid.
<<lessa patch to Squid, containing a module loader and filtering hooks, and a set of filter modules.
Currently available filters:
- Redirection of URIs.
- Rejection of certain (configurable) MIME content types.
- Suppression of cookies.
- Removal of Javascript and ActiveX.
- Breaking of GIF animation loops.
- Detection of 1x1 images.
Main features:
- Modular, easily extensible by writing new filters.
- Flexible configuration. Filters are independent from each other.
- Each filter can take a list of URIs which should not be filtered (allow list). URIs are specified as full regular expressions.
- Client can choose to bypass filters case-by-case.
- Filtering keeps Content-Length where possible.
Purpose
A filtering proxy allows users to remove unwanted stuff from Web pages as they browse them. What "unwanted stuff" is obviously depends on the individual user, but things which are commonly regarded as annoyances include
banner ads, user behaviour tracking via cookies,
animated pictures, JavaScript, VBScript, ActiveX (dangerous as well as annoying).
Some of those things can be avoided by filtering URIs, which Squid can already do via an external redirect program. Others require a content filter.
Usually, a filtering proxy runs standalone and does nothing but filtering. Users have to configure this proxy in their browsers, and if they use a caching proxy too, chain them after the filter. In situations where the user runs Squid anyway (mostly because of caching for different browsers or a small LAN), it is convenient to build this capability into Squid.
Download (0.046MB)
Added: 2007-01-25 License: Public Domain Price:
1008 downloads
Safesquid Content Filtering Proxy 4.2.2.RC7
Antivirus and content filtering proxy server more>> Safesquid is an antivirus and content filtering proxy server. It has many advanced features like URL blacklists, bandwidth management, regular expression substitution on Website content and requested URLs, ICP and CARP support to interoperate with other proxy servers, configuration synchronization to ease management of proxy servers in a cluster, ICAP support to use third-party content adaptation software, image and link prefetching, HTTP and FTP content caching, NTLM and Basic authentication, and an intutive Web interface to configure the proxy server.<<less
Download (724KB)
Added: 2009-04-19 License: Freeware Price: Free
236 downloads
Yet Another Filter Proxy 0.1.1
Yet Another Filter Proxy project is a preforking, banner filtering, content scanning Perl proxy. more>>
Yet Another Filter Proxy project is a preforking, banner filtering, content scanning Perl proxy.
Yet Another Filter Proxy is a proxy to filter out advertising banners and malicious script code from web sites. It is written in Perl and based on an example by Randal L. Schwartz.
For performance reasons it uses preforking to spawn several processes of itself (like Apache does).
Unlike other available proxies (such as Junkbuster), it does blocking by Perl regular expressions on the site content, which allows you to block JavaScript and popups, in addition to normal ads.
Run perldoc yafp.pl for full readme!
<<lessYet Another Filter Proxy is a proxy to filter out advertising banners and malicious script code from web sites. It is written in Perl and based on an example by Randal L. Schwartz.
For performance reasons it uses preforking to spawn several processes of itself (like Apache does).
Unlike other available proxies (such as Junkbuster), it does blocking by Perl regular expressions on the site content, which allows you to block JavaScript and popups, in addition to normal ads.
Run perldoc yafp.pl for full readme!
Download (0.027MB)
Added: 2007-03-02 License: GPL (GNU General Public License) Price:
973 downloads
Yosis Anti-Spam POP3 fIlter bot 0.09
yaspi s a POP3 mail-scanner. more>>
yaspi (Yosis Anti-Spam POP3 fIlter bot) is a POP3 mail-scanner specifically made to combat mail bombings caused by viruses (i.e. Swen). It connects to the POP3 server, inspects the messages, and deletes the infected ones by itself automatically without ever downloading them.
yaspi most interesting feature is that it can automatically send abuse reports to the ISPs where the mails were originated. This way, most infected machines will be either disinfected or disconnected from the Internet (and so, sending infected mails!).
Main features:
- its free, distributed under the GNU GPL
- runs under Windows and Unix/Linux (maybe under Mac OS X, but untested)
- virus detecting rules are fully customizable
- integrated with Ricochet to send abuse reports
Enhancements:
- yaspi was killing its own messages, new rule added to let them pass
- new GUI available, still alfa, have several know bugs (but its not going to corrupt your mailbox, I hope!).
<<lessyaspi most interesting feature is that it can automatically send abuse reports to the ISPs where the mails were originated. This way, most infected machines will be either disinfected or disconnected from the Internet (and so, sending infected mails!).
Main features:
- its free, distributed under the GNU GPL
- runs under Windows and Unix/Linux (maybe under Mac OS X, but untested)
- virus detecting rules are fully customizable
- integrated with Ricochet to send abuse reports
Enhancements:
- yaspi was killing its own messages, new rule added to let them pass
- new GUI available, still alfa, have several know bugs (but its not going to corrupt your mailbox, I hope!).
Download (0.035MB)
Added: 2006-07-10 License: GPL (GNU General Public License) Price:
1206 downloads
RubyFilter 0.12
RubyFilter provides a Ruby email filtering program and library. more>>
RubyFilter provides a Ruby email filtering program and library.
RubyFilter is a Ruby email filtering program that can serve as a replacement for email delivery programs such as procmail.
It is also a Ruby module which provides classes that make it easy to write programs that filter and deliver email.
<<lessRubyFilter is a Ruby email filtering program that can serve as a replacement for email delivery programs such as procmail.
It is also a Ruby module which provides classes that make it easy to write programs that filter and deliver email.
Download (0.059MB)
Added: 2007-04-17 License: BSD License Price:
921 downloads
Imager::Filters 0.54
Imager::Filters is an entire image filtering operations. more>>
Imager::Filters is an entire image filtering operations.
SYNOPSIS
use Imager;
$img = ...;
$img->filter(type=>autolevels);
$img->filter(type=>autolevels, lsat=>0.2);
$img->filter(type=>turbnoise)
# and lots of others
load_plugin("dynfilt/dyntest.so")
or die "unable to load pluginn";
$img->filter(type=>lin_stretch, a=>35, b=>200);
unload_plugin("dynfilt/dyntest.so")
or die "unable to load pluginn";
$out = $img->difference(other=>$other_img);
Filters are operations that have similar calling interface.
filter
Parameters:
type - the type of filter, see "Types of Filters".
many other possible parameters, see "Types of Filters" below.
<<lessSYNOPSIS
use Imager;
$img = ...;
$img->filter(type=>autolevels);
$img->filter(type=>autolevels, lsat=>0.2);
$img->filter(type=>turbnoise)
# and lots of others
load_plugin("dynfilt/dyntest.so")
or die "unable to load pluginn";
$img->filter(type=>lin_stretch, a=>35, b=>200);
unload_plugin("dynfilt/dyntest.so")
or die "unable to load pluginn";
$out = $img->difference(other=>$other_img);
Filters are operations that have similar calling interface.
filter
Parameters:
type - the type of filter, see "Types of Filters".
many other possible parameters, see "Types of Filters" below.
Download (0.83MB)
Added: 2006-10-17 License: Perl Artistic License Price:
1102 downloads
Content Filtering Proxy SafeSquid 4.2.2.RC8.2
CONTENT FILTERING PROXY SERVER, WEB FILTER, INTERNET FILTER, REAL-TIME FILTER more>> SafeSquid is a Content Filtering Proxy Server - BROWSER BASED INTERFACE, VERY FAST THROUGHPUT, DNS CACHING, CONTENT CACHING, PREFETCHING, BANDWIDTH CONTROL, VIRUS SCAN, Source, Target & Time based GRANULAR FireWall style rules to allow / deny content like music, videos, flash & java applets, messengers, chats, cookies, activex, scripts, etc. REMOTE AUTHENTICATION, REAL-TIME TEXT & IMAGE ANALYSIS for blocking PORNOGRAPHY. LIVE REMOTE SUPPORT.<<less
Download (1014KB)
Added: 2009-04-17 License: Freeware Price: $na
205 downloads
Content Filtering Proxy SafeSquid 4.2.2.RC8.9
Content filtering proxy server - BROWSER BASED INTERFACE, VERY FAST THROUGHPUT, DNS CACHING, CONTENT CACHING, PREFETCHING, BANDWIDTH CONTROL, VIRUS SCAN, WEB FILTERING, REAL-TIME TEXT & IMAGE ANALYSIS more>>
SafeSquid is a Content Filtering Proxy Server. SafeSquid has a BROWSER BASED INTERFACE. SafeSquid offers arguably, worlds biggest set of Content Filtering features.
SafeSquids multi-threaded architecture, delivers industrys FASTEST THROUGHPUT, even while providing extreme content analysis and security. SafeSquid has an intelligent DNS cache, an extremely manageable content CACHING system, and configurable content pre-fetching that allows fast browsing of often viewed web-sites.
SafeSquid lets you create unlimited and extremely granular Internet Policies to define and deal with unlimited number of unique factors depending upon user / network / web-site / mime-type / size / time etc. SafeSquid allows you to create unlimited number of policies for allowing or BLOCKING SPECIFIC CONTENT, like music, ActiveX, JavaScripts, advertisement banners, etc., and even any part of the protocol header to ensure graded exchange of private information, from each web-site. Real-time text analysis and Image analysis besides categorized web-site databases ensure complete blocking of PORNOGRAPHY or replacing specific parts.
Users can be authenticated from a remote WINDOWS ADS / OpenLDAP servers. SafeSquid lets you, to THROTTLE SPEED for low priority users or applications. You can use a variety of ANTIVIRUS Software like ClamAV and any other ICAP based antivirus to stop viruses before they reach the client systems. SafeSquid allows you to customize the various templates, that are displayed when access or content is denied to the user. SafeSquids logs can be analyse to create a exhaustive USER ACTIVITY REPORTS.
It takes less than 3 minutes to install SafeSquid on a Linux based server. SafeSquid is backed by a very responsive and committed customer support. SUPPORT INCLUDES REMOTE LIVE-HAND-HOLDING. Various SafeSquid editions are available to serve small 20 user networks or thousands of concurrent users. SafeSquid has special features for use in CLUSTERS.
Requirements: Linux, kernel 2.6 or higher
Whats new in this version: http://www.safesquid.com/html/viewforum.php?f=293
<<less Download (1.04MB)
Added: 2009-04-09 License: Freeware Price: $0.00
204 downloads
fairly fast packet filter 1.5.0
The fairly fast packet filter (FFPF) is an approach to network packet processing. more>>
The fairly fast packet filter (FFPF) is an approach to network packet processing that adds many new features to existing filtering solutions like BPF.
fairly fast packet filter is designed for high speed by pushing computationally intensive tasks to the kernel or even network processors and by minimising packet copying.
By providing both access to richer programming languages and explicit extensibility, it is also considerably more flexible than existing approaches.
FFPF provides a complete solution for network monitoring that caters to all applications available today. Exploiting its extensibility, the language can even be used as a meta-filter to `script together filters from other approaches, such as BPF.
Main features:
- fast: processes significantly more packets per second than LSF (reference)
- scalable: transparently supports hardware assist, like that given by the Intel IXP2x00 network processors
- backward compatible: supports all existing libpcap based applications
- extensible: separates functionality from the framework. FFPF currently ships with implementations of BPF, Aho Corasick, Boyer Moore Horspool, and many more
- modular: new functions can be written in as little as 3 lines of code
- secure: relies on Keynote for authentication and resource control
- open and standard adherent: licensed under the GNU General Public License (GPL). It implements the Monitoring API (MAPI) draft as designed by the EU-SCAMPI consortium
Enhancements:
- enabled kernelspace processing
- enabled all 5 buffer implementations (Continuous, Fixed-size slot, Variable sized slot, Double ring and Index)
- added TCP stream reassembly and early implementation of zero-copy reassembly
- added PCAP input and output support, for userspace testing and offline use
- added additional minor functions: TCP Synprotect, output to files, ...
- added support for UDEV
- extended controlplane: flowspaces can now be queried for live state
- fixed up many bugs, hacks and irregularities.
<<lessfairly fast packet filter is designed for high speed by pushing computationally intensive tasks to the kernel or even network processors and by minimising packet copying.
By providing both access to richer programming languages and explicit extensibility, it is also considerably more flexible than existing approaches.
FFPF provides a complete solution for network monitoring that caters to all applications available today. Exploiting its extensibility, the language can even be used as a meta-filter to `script together filters from other approaches, such as BPF.
Main features:
- fast: processes significantly more packets per second than LSF (reference)
- scalable: transparently supports hardware assist, like that given by the Intel IXP2x00 network processors
- backward compatible: supports all existing libpcap based applications
- extensible: separates functionality from the framework. FFPF currently ships with implementations of BPF, Aho Corasick, Boyer Moore Horspool, and many more
- modular: new functions can be written in as little as 3 lines of code
- secure: relies on Keynote for authentication and resource control
- open and standard adherent: licensed under the GNU General Public License (GPL). It implements the Monitoring API (MAPI) draft as designed by the EU-SCAMPI consortium
Enhancements:
- enabled kernelspace processing
- enabled all 5 buffer implementations (Continuous, Fixed-size slot, Variable sized slot, Double ring and Index)
- added TCP stream reassembly and early implementation of zero-copy reassembly
- added PCAP input and output support, for userspace testing and offline use
- added additional minor functions: TCP Synprotect, output to files, ...
- added support for UDEV
- extended controlplane: flowspaces can now be queried for live state
- fixed up many bugs, hacks and irregularities.
Download (0.60MB)
Added: 2006-02-20 License: GPL (GNU General Public License) Price:
1342 downloads
Secleted [ 0 ] software to compare
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above anti filtering search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
